Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems.

This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems.

Anubis is the name of an Android malware well-known in the community of malware analysts, but the family reported by Microsoft is not related to it.

According to Microsoft, the new piece of malware uses code forked from Loki malware to steal system info, credentials, credit card details, cryptocurrency wallets.

The new malware shares a name with an unrelated family of Android banking malware. Anubis is deployed in what appears to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers.— Microsoft Security Intelligence (@MsftSecIntel) August 26, 2020The recently discovered malware only targets Windows systems, Microsoft detected it as PWS:MSIL/Anubis.G!MTB.

Anubis has been around since June when it appeared on several cybercrime forums.

“Anubis is deployed in what appears to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers,” continues Microsoft.

Microsoft shared some indicators of compromise (IoC) for this threat and announced it will continue to monitor it.

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – hacking, malware)

The post Anubis, a new info-stealing malware spreads in the wild appeared first on Security Affairs.